packages/k3s-containerd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!10 [sync] PR-9: Add PIE,BIND_NOW,RELRO secure compilation options

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @zhu-yuncheng 
Signed-off-by: @zhu-yuncheng
This commit is contained in:
openeuler-ci-bot 2023-03-03 11:11:47 +00:00 committed by Gitee
commit 685b8cebe7
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
k3s-containerd.spec
View File

@ -3,7 +3,7 @@
%global version_suffix k3s1
Version: 1.6.6
Name: k3s-containerd
Release: 3
Release: 4
Summary: An industry-standard container runtime
License: Apache-2.0
URL: https://github.com/k3s-io/containerd
@ -53,7 +53,7 @@ VERSIONFLAGS="
TAGS="apparmor seccomp netgo osusergo providerless urfave_cli_no_docs"
LDFLAGS=" -w -s"
CGO_ENABLED=1 go build -tags "$TAGS" -ldflags "$VERSIONFLAGS $LDFLAGS" -o k3s-containerd/bin ./cmd/containerd
CGO_ENABLED=1 go build -tags "$TAGS" -ldflags "$VERSIONFLAGS $LDFLAGS" -o k3s-containerd/bin ./cmd/containerd-shim-runc-v2
CGO_ENABLED=1 go build -buildmode=pie -tags "$TAGS" -ldflags "$VERSIONFLAGS $LDFLAGS -linkmode=external -extldflags '-Wl,-z,relro -Wl,-z,now'" -o k3s-containerd/bin ./cmd/containerd-shim-runc-v2
%install
install -d -p %{buildroot}%{_libexecdir}/containerd/
@ -68,6 +68,9 @@ cp -rf %{_builddir}/containerd-%{version}-%{version_suffix}/. %{buildroot}%{_lib
%changelog
* Fri Mar 03 2023 wangkai <wangkai385@h-partners.com> - 1.6.6-k3s1-4
- Add PIE,BIND_NOW,RELRO secure compilation options
* Wed Aug 03 2022 liukuo <liukuo@kylinos.cn> - 1.6.6-k3s1-3
- License compliance rectification